Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The city of Edmonton invite hackers to crack their voting system

AchilleTalon (540925) writes | about 2 years ago

Canada 6

AchilleTalon writes "2012 Jellybean Internet Voting Election

Offering Edmonton electors an Internet voting option will depend on the results of the 2012 Jellybean Internet Voting Election (Jellybean Election), a mock election being conducted by the City this fall. The purpose of the Jellybean Election is two-fold:

1 To gauge the readiness of Edmontonians to use internet voting as a valid alternative in the 2013 General Election
2 To test the technology and ensure the internet voting system meets the City’s expectations for voter privacy, security, auditability and usability."

Link to Original Source

cancel ×

6 comments

Sorry! There are no comments related to the filter you selected.

Anyone in Canada can "vote" (1)

Maow (620678) | about 2 years ago | (#41640519)

I've gone & closed the Edmonton voting web site so don't have a direct copy/paste quote handy, but it's open to anyone in Canada that wants to vote.

The refer to the attack on the Washington, DC voting system that finalized by playing the Michigan State "fighting song" in the linked-to page too.

I'm normally dead-set against online voting, but in this instance they seem to have most all the bases covered (document retention vs privacy legislation, etc.). Except hacking the centralized voting storage once decrypted.

Fascinating idea, good for Edmonton for giving it a test.

Re:Anyone in Canada can "vote" (1)

ptaff (165113) | about 2 years ago | (#41641191)

they seem to have most all the bases covered

I don't see it like that.

  • Where's the source code?
  • Even with this current cracking test and source code, how can we be sure the systems we use are the same now and in 2013?
  • What's so hard about counting votes by hand?

Re:Anyone in Canada can "vote" (1)

Maow (620678) | about 2 years ago | (#41645563)

they seem to have most all the bases covered

I don't see it like that.

  • Where's the source code?
  • Even with this current cracking test and source code, how can we be sure the systems we use are the same now and in 2013?
  • What's so hard about counting votes by hand?

Good points - that's how I feel too - count them by hand under supervision - works just fine.

Plus if someone can't be bothered to travel the short distance to the polling station, I don't feel their vote is worth much. The elderly seem to never miss an opportunity to vote.

However, I feel people like us won't be winning this battle, so Edmonton appears to be handling it well.

Except the central vote repository -- how safe is that?

Re:Anyone in Canada can "vote" (1)

AchilleTalon (540925) | about 2 years ago | (#41646687)

What about a DDOS that may deny the right to vote to thousands eligibles voters?

What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.

What about a client-side attacks? Virii?

What about security of authentication procedure? Can someone forge himself a valid identity? Steal his neigbhor's identity?

What about stealed vote by other family members? Spouse, relative, parent, even an employer forcing you to vote front of them?

Re:Anyone in Canada can "vote" (1)

Maow (620678) | about 2 years ago | (#41646749)

What about a DDOS that may deny the right to vote to thousands eligibles voters?

What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.

What about a client-side attacks? Virii?

What about security of authentication procedure? Can someone forge himself a valid identity? Steal his neigbhor's identity?

What about stealed vote by other family members? Spouse, relative, parent, even an employer forcing you to vote front of them?

I agree with your points and add vote buying to them.

But, I think we're going to lose this battle in a few years when a significant number of older people can be expected to have internet connections (and I also expect polling stations to run concurrently for the first few elections).

Keeping in mind that I fear internet voting is inevitable, it appears that Edmonton is doing a better job than Diebold voting machines or a hefty contract going to Microsoft, although source code auditing and central repo hacking are still a couple of the issues to be dealt with. Maybe CS & math students can audit the back-end?

My vote (pun intended) would be to stick with paper ballots. However, as we saw in Downsview(?) in May 2012, those aren't infallible either.

Re:Anyone in Canada can "vote" (1)

AchilleTalon (540925) | about 2 years ago | (#41647569)

I don't think auditing by CS&Math students is an acceptable deal. An election must be an open process, questionable and understandable by everyone elligible to vote. And I don't think there is actually a battle for internet voting out there. Very few people are asking for this to happen and many of them just don't trust the internet.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>